
--- TLP:WHITE ---
(https://first.org/tlp/)
########################################################
#### CSIRT-IE End of Week Report ####
########################################################
Date : Friday 16-08-2019 10:00 ; Friday 23-08-2019 10:00
=====================================
= News =
=====================================
− The Texas Ransomware Attacks: A Gamechanger for Cybercriminals
Security researchers worry that this weekend’s coordinated attacks on
more than 20 Texas governments mark a change in how ransomware attacks
will be launched in the future. Texas officials have been left scrambling
after up to 22 Texas entities – the majority of which are local
governments – were hit by a coordinated ransomware attack on Friday.
https://threatpost.com/the-texas-ransomware-attacks-a-gamechanger-for-cybercriminals/147597/
− Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics
Silence APT, a Russian-speaking cybercriminal group known for targeting
financial organizations primarily in former Soviet states and neighboring
countries, is now aggressively targeting banks in more than 30 countries
across America, Europe, Africa, and Asia. Active since at least
September 2016, Silence APT group's most recent successful campaign was
against Bangladesh-based Dutch-Bangla
https://thehackernews.com/2019/08/silence-apt-russian-hackers.html
− Forced Password Reset? Check Your Assumptions
Almost weekly now I hear from an indignant reader who suspects a data
breach at a Web site they frequent that has just asked the reader to
reset their password. Further investigation almost invariably reveals
that the password reset demand was not the result of a breach but rather
the site's efforts to identify customers who are reusing passwords from
other sites that have already been hacked. But ironically, many companies
taking these proactive steps soon discover that their explanatio...
https://krebsonsecurity.com/2019/08/forced-password-reset-check-your-assumptions/
− Companies Act to Defend Privacy of Kazakhstanis
Google and Mozilla act to defend the privacy of users in Kazakhstan
against their own government.
https://www.infosecurity-magazine.com/news/companies-act-to-defend-privacy-of/
− Cyber Attack on Google did not cause outage across the United States
However, in a briefing released a few minutes ago, Google has officially
declared that the outage was not caused by a cyberattack, but was due to
a technical glitch which affected a meager 5% of Gmail accounts. An update
provided by Downdetector says that the service disruption was caused
only on the....
https://www.cybersecurity-insiders.com/cyber-attack-on-google-did-not-cause-outage-across-the-united-states/
− Hundreds of Thousands of People Are Using Passwords That Have Already
Been Hacked, Google Says
A new Google study this week confirmed the obvious: internet users need
to stop using the same password for multiple websites unless they’re keen
on having their data hijacked, their identity stolen, or worse. It
seems like not a day goes by without a major company being hacked or
leaving user email....
https://www.vice.com/en_us/article/zmjvm9/hundreds-of-thousands-of-people-are-using-passwords-that-have-already-been-hacked-google-says
=====================================
= Vulnerabilities =
=====================================
− Breaker, breaker. Apple's iOS 12.4 update breaks jailbreak break,
un-breaks the break. 10-4
File under: 'Breaking' news
iPhone hackers have discovered Apple's most recent iOS update, 12.4,
released in July, accidentally reopened a code-execution vulnerability
that was previously patched – a vulnerability that can be abused to
jail-break iThings.…
https://www.theregister.co.uk/2019/08/20/apples_ios_update_jailbreak/
− Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for
potential hijack hole in server control panel
Flawed code traced to home build system, vulnerability can be attacked in
certain configs
Updated
The maintainers of Webmin – an open-source application for
system-administration tasks on Unix-flavored systems – have released Webmin
version 1.930 and the related Usermin version 1.780 to patch a
vulnerability that can be exploited to achieve remote code execution in
certain configurations.…
https://www.theregister.co.uk/2019/08/19/webmin_project_zero_day_patch/
− No REST for the wicked: Ruby gem hacked to siphon passwords, secrets
from web devs
Developer account cracked due to credential reuse, source tampered with
and released to hundreds of programmers
An old version of a Ruby software package called rest-client that was
modified and released about a week ago has been removed from the Ruby Gems
repository – because it was found to be deliberately leaking victims'
credentials to a remote server.
https://www.theregister.co.uk/2019/08/20/ruby_gem_hacked/
− Cisco Warns of Public Exploit Code for Critical Switch Flaws
Cisco updated the security advisories for three vulnerabilities patched
in early August warning customers that its Product Security Incident
Response Team (PSIRT) is aware of public exploit code being available
https://www.bleepingcomputer.com/news/security/cisco-warns-of-public-exploit-code-for-critical-switch-flaws/
=====================================
= Community News =
=====================================
− 100 security tips for the next 100 days, #100securedays, cyber security
tips with Ward Solutions - Irish Tech News
By Rebecca Mathews. Almost 90% of cyber-attacks are caused by human error.
Companies need to place more emphasis on security awareness training for
their staff beyond simply sending an email. It is not only the ‘IT’ department
that is responsible for the security of a business, it is the responsibility
of every employee.
https://irishtechnews.ie/100securedays-cyber-security-tips-with-ward-solutions/
− Should Companies Block Newly Registered Domains?
A study from Palo Alto Networks indicates that the companies blocking
NRDs are onto something.
https://www.infosecurity-magazine.com/news/should-companies-block-newly/
− State-Sponsored Cyberattacks Target Medical Research
Cancer research is a particular target among Chinese espionage groups,
says security firm FireEye.
https://www.darkreading.com/threat-intelligence/state-sponsored-cyberattacks-target-medical-research/d/d-id/1335590
− Hackers attack Indian healthcare website, steal 6.8 million records
New Delhi: In a startling revelation, US-based cyber security firm FireEye
said on Thursday that hackers broke into a leading India-based healthcare
website, stealing 68 lakh records containing patient and doctor information.
Without naming the website, FireEye said cyber criminals — mostly....
https://www.databreaches.net/hackers-attack-indian-healthcare-website-steal-68/
--- TLP:WHITE ---
